النتائج 1 إلى 2 من 2

الموضوع: HOW TO: Automating Cisco Router, Switch, Firewall backups.

  1. #1
    عضو برونزي الصورة الرمزية one-zero
    تاريخ التسجيل
    Jul 2007
    المشاركات
    8,296
    معدل تقييم المستوى
    59

    HOW TO: Automating Cisco Router, Switch, Firewall backups.



    Step 1: Download and install rancid.
    --------------------------------------------------------------------

    For additional information on rancid's complete functionality see the following site.

    http://www.shrubbery.net/rancid/


    Install rancid, build-essential, and expect.


    Code:
    sudo apt-get install rancid-core rancid-util build-essential expectStep 2: Create .cloginrc file in the rancid directory.
    --------------------------------------------------------------------


    Opend a terminal and type the following.


    Code:
    sudo gedit /var/lib/rancid/.cloginrcAdd entries for each router, switch, pix firewall you'd like to backup by using the following format.


    Code:
    add password IPADDRESS {telnetpassword} {enablepassword}IPADDRESS = the actual ip address of the device you want to backup.
    telnetpassword = the actual telnet password for the device you want to backup.
    enablepassword = the actual enable password for the device you want to backup.

    The "{}" are required. At the bottom of the .clogin add the following line if you require SSH access to your equipment.


    Code:
    add method * telnet sshWith this clogin will first try to telnet then ssh to your equipment.



    Step 3: Protect the .cloginrc file.
    --------------------------------------------------------------------


    Code:
    sudo chmod 640 /var/lib/rancid/.cloginrcStep 4: Create a backup directory for backup configs.
    --------------------------------------------------------------------



    Code:
    sudo mkdir /var/lib/rancid/backups/
    Step 5: Change ownership of the /usr/lib/rancid/backups/ directory.
    --------------------------------------------------------------------



    Code:
    sudo chown -R rancid.rancid /var/lib/rancid/backups/
    Step 6: Change permissions to the rancid directory.
    --------------------------------------------------------------------



    Code:
    sudo chmod 770 /var/lib/rancid/Step 7: Set password for rancid account
    --------------------------------------------------------------------


    Code:
    sudo passwd rancidStep 8: Test .cloginrc
    --------------------------------------------------------------------

    As the user rancid test accessing your equipment.


    Code:
    su rancidNow using once of the network devices that you've put in the .cloginrc for rancid type the following in the open terminal.


    Code:
    /usr/lib/rancid/bin/clogin IPADDESSOFDEVICEYou should see the clogin telnet (or ssh) to the device in question and switch to enable mode on the device. If everything works the proceed on to step 8. Otherwise take a look at your /var/lib/rancid/.cloginrc .



    Step 9: Test grabing a backup config from the same device.
    --------------------------------------------------------------------

    As rancid run the following test to make sure that you have everything setup correctly.


    Code:
    /usr/lib/rancid/bin/clogin -c 'write term' IPADDESSOFDEVICE > /var/lib/rancid/backups/test.cfg
    Verify the output:


    Code:
    less /var/lib/rancid/backups/test.cfg
    If everthing checks out move on to step 10.


    Step 10: Create the bash script for the backups
    --------------------------------------------------------------------

    Here's a sample script for you to copy and paste into a file (i.e. network_device_backup.sh) and to tweak, add, or change for your needs. But save the script somewhere the rancid user can access and execute the script from (i.e./var/lib/rancid/). If you are planning on backing up a various types of routers, switches, firewalls etc you may want to create serveral differnet scripts.


    Code:
    #!/bin/bash
    # Variables

    clogin=/usr/lib/rancid/bin/clogin
    path=/var/lib/rancid/backups/
    tdy=`date +%m%d%Y`

    #backup network device

    $clogin -c 'write term' 192.168.0.1 > $path/foo-$tdy.cfgNOTE: When rancid is installed the default shell for the rancid user is csh. So for the script above to work the "#!/bin/bash' is needed.



    Step 11: Make the script executable to rancid.
    --------------------------------------------------------------------


    Code:
    sudo chmod 700 /path/to/script
    Step 12: Test the backup script.
    --------------------------------------------------------------------

    Test your script logged in as rancid.


    Code:
    su rancid
    Now from wherever you put the backup script verify that it works before adding it as a cron job. For this example I'm going to use the following location /var/lib/rancid/.scripts/routers.sh with the output path being /var/lib/rancid/backups/.


    Code:
    ./var/lib/rancid/.scripts/routers.shverify the config file that was generated to the output path you specified.


    Code:
    less /var/lib/rancid/backups/foo-12202005.cfg
    Step 13: Add script to CRON.
    --------------------------------------------------------------------

    As rancid add your script to CRONTAB.

    Code:
    su rancidNow add an entry for your script.


    Code:
    crontab -eTo backup your equipment every Friday at 5pm should look like...

    0 17 * * 5 /var/lib/rancid/.scripts/routers.sh >/dev/null 2>&1

    Save the entry (crtl+x).

    Verify the entry in crontab is correct.


    Code:
    crontab -lFor more infor on CRONTAB see the following post.
    http://ubuntuforums.org/showthread.php?t=102626

    You're all set... enjoy!
    __________________

  2. #2
    عضو برونزي الصورة الرمزية saqr8000
    تاريخ التسجيل
    Feb 2008
    المشاركات
    847
    الدولة: Canada
    معدل تقييم المستوى
    0

    رد: HOW TO: Automating Cisco Router, Switch, Firewall backups.



    بارك الله فيك

    وبجد مجهود منك وربنا يعينك فى تسجيلاتك
    [LEFT][SIZE="3"][COLOR="Navy"]
    Cisco:CCNA,CCNA sec,CCNP,CCSP,CCVP,CCIE-Sec in progress
    Nortel :NCSS Support Specialist,NCDS Design Specialist
    Juniper: JNCIA-ER,JNCIA-FWV
    MS:MCSE +Security[/COLOR][/SIZE][/LEFT]

المواضيع المتشابهه

  1. مشاركات: 19
    آخر مشاركة: 10-04-2012, 21:46
  2. Cisco Router/Firewall Emulation Package - CCNA/CCNP/C
    بواسطة hammooneel في المنتدى الأرشيف
    مشاركات: 8
    آخر مشاركة: 18-12-2011, 13:07
  3. cisco 1800 router and 2900 switch
    بواسطة crazy_linkin في المنتدى الأرشيف
    مشاركات: 0
    آخر مشاركة: 16-05-2010, 00:43
  4. للبيع سويتش راوتر سيسكو switch router cisco
    بواسطة aymanesmaeil في المنتدى الأرشيف
    مشاركات: 11
    آخر مشاركة: 30-04-2010, 12:47

الكلمات الدلالية لهذا الموضوع

المفضلات

ضوابط المشاركة

  • لا تستطيع إضافة مواضيع جديدة
  • لا تستطيع الرد على المواضيع
  • لا تستطيع إرفاق ملفات
  • لا تستطيع تعديل مشاركاتك
  •